Hacker News new | comments | ask | show | jobs | submit login
How to disappear from the internet (theguardian.com)
389 points by kawera 9 months ago | hide | past | web | favorite | 130 comments

This is why AdNet needs to die.

Imagine if you will if a door to door salesman did what developers, software, and ad companies do.

They would:

A) Insist on seeing everything and everyone in your house before even telling you anything.

B) Go back to a van and call every other salesman to share what they saw, even if you said "Not interested."

C) Pose as the mailman, taking your letters, opening them, and dispatching salesmen to your house later.

D) Eventually, your salesman would end up knowing more about your family than YOU do. He starts showing up offering birth control to your teenage daughter. Low-T supplements to your son.

E) You just got your kids smartphones! Now THEY have their very own dedicated salesman! Timmy's can be especially disruptive with his sales pitches during dinner.

F) Uh oh! Why's that Federal Agent talking to that salesman on the way to our house?

G) Heck, why are INSURANCE people trying to...is that a BANKER, and what is my HR person doing here?!

This new slice of 20XX life brought to you by AdNet!

Accept/Not Interested?

> Accept/Not Interested?

Did you mean Accept/Remind me later?

Accept. AKA, "You will comply."

P.S. If I could afford it, I would have started putting everything I do behind shell companies, years ago.

Not because I resent taxes. I still believe "you get what you pay for" -- as long as you are also paying some attention and care to what is being purchased. (You can't "outsource" your care and involvement.)

But because I value my privacy and autonomy. And a fair playing field -- everyone gets e.g. insurance protection and banking services. And you don't get dinged for being friends with someone with a less than stellar social metric (e.g. past conviction, done their time, being a decent person, now).

I wouldn't feel the need for the shell companies, except in response to the way "business" and data mining have been going.

And you have really hinted at why FATCA is so distructive to overseas Americans..

Only Americans? AEOI was inspired by FATCA and has started going into effect.

(Automatic Exchange of Information).

E.g. I have a bank account in Europe somewhere and automatically details of the account, its balance, etc get forwarded to my local tax authority. The scope of what gets forwarded is maybe a bit limited right now but these things have a tendency to only increase in scope.

If you think you’re not affected as a citizen of a European or other developed country such as Australia/Canada, think again. All OECD countries are taking part, and at least a few non-OECD countries.

If you think you're not affected because you're in Australia, you're just deluded.

can you elaborate on that, i.e. destructive to privacy or financial, or suggest reference material? thx

I presume GP is referring to the fact that FATCA requires foreign (to the USA) banks to share information on all their customers that could possibly be US citizens or residents.

Or I accept/I have no interest in this great, terrific offer.

Accept/I hate saving money and having a good life

I do not agree with the terms and conditions.

> A) Insist on seeing everything and everyone in your house before even telling you anything.

Your browser is instructed to give away this information. Better complain to your favourite browser vendor that their browser betrays your personal data to the ad network.

Your browser is drugged and forcefully robbed, at this point - not asked nicely. Something like uBlock/Easyprivacy is your browser saying no and refusing, but now I see providers trying everything possible to identify you and try to bypass everything on this.

I've seen providers attempt to access your GPU info, fingerprint you via 3D rendering, all sorts of disgusting stuff. They attempt to enumerate megabytes worth of plugin names and mimetypes, load Flash, Shockwave, Java, Silverlight, Windows Media, anything to exfil as much data as they can about you.

They buy thousands or tens of thousands of random domains, subdomains, and attempt all of them if they fail. They act like malware.

They serve fake sourcemaps that try to track the fact that you attempted to investigate them, and use this against you.

I've seen ads _port scan you and your LAN via websocket_ after using RTCPeerConnection and enumerating your local IPs.

I can think of many companies that do this immediately on first page load, silently, before you get a chance to read their ToS or opt out. There is no opt out. They serve this code with CNAMEs and via reverse proxies for first-party cookie access and adblock bypassing.

With as much insanity seems to come with the modern web (and "smart" devices), I feel like there might be a (niche) market for going back to something like Gopher (or a newer, similar variant) where I am imagine this sort of tracking and profiling is harder (and hopefully the content has a higher signal to noise ratio, and is more like the original grassroots web).

Turn JavaScript off entirety, only enable it to specific sites.

Works 80% of the time, though. Many sites do client-side JS-based rendering.

The goal is to not be part of the spyweb and to have another separate safe space. Following your suggestion you get:

(a) to be part of the spyweb - so they can still track you via web requests

(b) not part of an independent net - so there isn't a higher proportion of signal, because the content generators are the same and targeted at generating adrevenue, not independent hobbiests sharing information about their interests.

Consequently I don't think it will work.

Gopher would work in the sense that you would notice the transition from a gopher site to a web site.

This is terrifying, and I want to know more. Would you mind listing a few companies that do this, or perhaps provide a link to a place where I can find more information?

most of those i suspected or was aware of, but the last two (sourcemaps, websockets) are bone-chilling. I'd like to know more.

also, in your opinion, how effective is Ghostery against this vermin?

Not very as far as I can tell.

I use EasyPrivacy + uBlock with a huge amount of wildcard rules - rules that did not work well with ABP (before uBlock came along; ABP would choke and cause 10 second load times).

People are basically being employed to arms-race any defenses, so you get that kind of development speed.

Keep in mind Ghostery was bought out by an ad agency. Use alternatives like Privacy Badger (or others, I'm not too clued up on the main players in that plugin space right now).

Many people on here advocate for the end of advertising driven internet business models and is easy to see where this desire comes from. The real question though is what is the viable alternative? I have yet to see or hear anything close to a viable alternative.

Advertising is not that bad, if the advertisers would simply stick to static "dumb" ads (even text-only, as with the old Google ads), preferably locally hosted, with no tracking nor privacy invasion.

The problems started with animations, sound, interactive nonsense, popups, popunders, tracking, redirects, you name it.

If an ad can do anything more than what a simple newspaper ad can do, it's too much.

And personally, I would rather be without those, as well.

There are several ways to look at that. My take is that it is not at all the problem of financing Internet, it is about how some businesses can access their piece of the cake. They are fleas on the back of mega companies.

People already pays a lot to access the internet to their telecom and devices providers.

Internet access is actually quite costly, otherwise the companies like ATT/Apple and so on, would not be among the richest companies on the world. AT&T revenues in 2017 were 160 billion. And AT&T is only one of those Telecom companies. Apple's revenues in 2016 were 215 billions Dollars.

There was a working web before there was so much targeted advertising on the web. People paid for their website which hosted content that they wanted to tell people. Many people got their website thrown in with something else they paid for e.g. their ISP or workplace might provide a webpage which you could use. If you wanted more you paid.

Unfortunately many of the entities like google and facebook and others are too entrenched to fail in the next 8 years or so. There isn't enough political will (currently) to impose strong regulations in the US, as evidenced by the Zuckerberg hearing, and it will likely take an entire political party embracing the ideals to actually build up the regulatory framework

The way I understand regulation is that it usually entrenches the existing players, making it even harder to fail.

I often hear this argument on HN (usually to oppose regulations out of principle) but while it obviously happens at times it doesn't have to be.

Anti-trust regulations for instance are clearly about encouraging competition. Similarly many jurisdictions price dumping is illegal which is a way to prevent big players from destroying small ones by playing dirty. Regulation is whatever you want it to be. "Regulations are good/bad" makes almost as little sense as "GMOs are good/bad", to take an other usually divisive topic.

It doesn't have to be. It just usually ends up working out that way.

I don't always lose in Vegas either, but I don't go there looking to drum up money for my my mortgage payment.

I think the right way to look at regulation is that is very likely to fail, or arrive with enough unintended consequences that it probably makes things worse but everything else was sure to fail so even though its a long shot, its the best chance we've got so...

It's like jumping from the 3rd story of a burning building. It might be our only chance, but we should be damn sure the stairs aren't an option before we take the leap.

Not true either - policy depends on the type of market, and whether there is enough political will to make it happen.

Several markets tend towards single players (telecom for example) without regulation you will always have a poor economic outcome (for the majority of citizens aka customer Education)

Telecom is a good example of an instance where the stairs are clearly blocked.

Cosmetology is a perfect example of where the stairs were clearly passable but we jumped anyway.

Taxi cabs are a good example of where its not necessarily obvious. Proceed with an abundance of caution.

My argument is that we cosmetology more than we telecom and we should head back the other way.

Don’t know -all the major tech firms in the social media space tend to cluster around the belief that owning the whole network is the core source of value.

Matter of fact social dynamics end up putting massive pressure on any firm

This does not tend towards anything but scenarios where regulatory intervention is required.

Also -intervention is required in scenarios where products are known to subvert or pervert the normal decision making systems of humans - or create unintended side effects.

Cigarettes, gambling, addiction or health harming products come to mind. - but I suppose that’s under the umbrella of citizen health and safety.

"Usually" is a quantitative claim (and one that doesn't have a lot of evidence). It doesn't have a lot of power to inform qualitative judgments like whether regulation is inherently good or bad.

Regulation, like software, can be designed well or designed poorly. It can entrench special interests or it can protect against them.

When Coca-Cola lobbied to have the FDA ban stevia as a food additive, it hurt certain regional sodas and entrenched Coca-Cola's market position.

But there are plenty of regulations that do not entrench market players, but protect the free market. Part 2635 of Title 5, Code of Federal Regulations (5 C.F.R. 2635), for example, prohibits federal employees from accepting gifts from anyone doing business with their agency or seeking to do so, and implements limitations on other gifts. This significantly reduces the likelihood of bribery.

That happens because the actual efforts are so watered down that they don't actually stop the offensive actions.

Take Money Laundering. One of the largest vehicles is real estate. The National Association of Realtors lobbied hard for an exemption to the AML rules, and they were granted a temporary exemption that was extended multiple times:


It definitely seems like it often does, simply by raising the barrier to entry requiring a lot more hoops to jump through.

I don’t think the things like the Do Not Call list has entrenched anyone’s position? Happy to hear how I’m wrong.

I think there is a big difference between prohibiting certain behaviors and installing a regulatory compliance regime

Thank you for saying this.

The market will decide. And it's becoming clear to the population who these current players really are.

The market is oblivious to what's going on. The population only gets to know what they hear from the news media (or their 'social networks'), the same media that's controlled by advertisers. The same advertisers who want to build the market to advance corporate interests. The "market" (and population) will do whatever they are told and privacy is seen as a force that prevents the market from thriving.

The market decided already. They love having no privacy.

But what if it turns out the market has the judgement of a drunk teenager?

My hope in our new GDPR world is one of two things:

1) Since many companies will have to do the work to become GDPR compliant, they will just make the results of that work available to all customers/consumers, not just EU citizens. (I think I read that it seems like this won't be the case for Facebook, but oh well, I'm already on my way out the door for that platform.)

2) There's a long history of the US and EU and other nations working to harmonize many of their laws and regulatory frameworks. Either the US might adopt the GDPR or something GDPR-like out of its own desire to harmonize, or the EU might make the US adopting something GDPR-like a condition of some other trade or legal agreement.

Both of these are of course best-case, so I suspect in the end we'll get something... not as good.

A "right to be forgotten" in the US would be a silver lining in this whole situation, but I don't doubt that Google and Facebook and other entities would lobby hard to prevent that from happening.

Hard to see it ever happening. Nor should it. I'm pretty sure that, if it ever got to that level, the US Supreme Court would find it unconstitutional.

Think about this (and GDPR) for a second:

“The Civil Rights Act of 1964 prohibits national origin discrimination. Often that means banning polices that have a disproportionate advantage for people from certain countries.”

US, you might thank Europe later :)

Except Europe discriminated against Americans due to FATCA — that knife cuts both ways.

It’s what the Buddhists were saying all along long! You’ll just need to accept that you don’t have any self. I think Nietzsche was whining this was gonna happen too.

Or wait are you seriously suggesting it won’t happen? Honestly it’s better than the social credit system can’t own property or ride a train thing if we have to be honest.

I think I was lucky: I was born soon enough that I could use the Internet as a reckless teenager and very little trace of that remains (unless someone has logs from long-crashed private forums, or IRC logs). People born not long ago, in many parts of the planet, don't have this luxury. Everything is a constant archive of your life.

I'm the same, and very grateful that the mistakes and generally embarrassing stuff I posted probably didn't get archived or saved anywhere. The contents of my Xoom site are long gone, and so are the comments in my BeSeen guestbook. Someone, somewhere, maybe has logs from irc.scifi.com circa 1998, but they're certainly not published.

I think this right to fail without a trace is an important one, and one that, intentionally or not, we've taken away from those who came after us.

Have you checked the wayback machine? a few of my very embarrassing geocities pages made as a tween are there.

Which was actually a concerted archiving effort when the site announced it was going down on short notice.

No one has a right to have their mistakes hidden, though certainly we could talk about whether a merciful & forgiving society should forget because it's the right thing to do.

Actually it’s my understanding that kids have their records cleared once they hit 18 in the US. I don’t know the full specifics of that or whether it applies in only certain states/locals. But I think there is logic to it that also suggests allowing people a rewrite.

In the EU they do.

If you take “right to be forgotten” literally it’s actually quite dystopian: the only way to enforce it is to erase peoples’ memories.

I’m intrigued by your idea, but I don’t understand.

I think of a right as something inalienable—even if it’s blocked, you still have it. And morally unquestionable. I have a right to move about my country freely, so long as I don’t interfere with people. I believe I can morally use violence to defend myself on someone else’s “property”. Of course the U.S. disagrees. They think someone simply buying a deed is enough to strip me of that right. We’ll see if the U.S. ever recognizes my right. I believe Finland does.

But I don’t understand the right you’re referencing. It seems to amount to: if I do something when I am a child, I have a right to use physical violence to stop people from telling stories about it later.

And you want this right to be recognized by the courts so you can use the police to exact that force, rather than doing it yourself and risking your own incarceration.

Is that right? Sorry I’m extrapolating your position. I know you didn’t say that directly, but I am trying to understand what legal reality you are hoping for and what you mean when you say “right”.

>But I don’t understand the right you’re referencing. It seems to amount to: if I do something when I am a child, I have a right to use physical violence to stop people from telling stories about it later.

You seem to be using "physical violence" in the sense that anarchists to do when referring to states and their monopoly on force, yet there is no physical violence involved in the removal of data from a database, and I'm not aware of any laws which insist upon using the police, incarceration or similar coercion to enforce such removal.

I believe you're being disingenuous in implying that one political construct (the "right to be forgotten") is rooted in thuggishness while another (the "right to roam") is a universal, and therefore morally pure, constant.

No, I mean literal violence, as in the police coming to my house and handcuffing me so they can remove the hard drive from my server... that’s what you’re advocating isn’t it?

As for the roaming vs forgetting thing... the difference is it’s me who is doing the roaming, but I’d have to get everyone else to do the forgetting.

It’s analogous to the difference between sodomy laws and pronoun laws... sodomy is something I do with my partner. Pronouns are something that everyone else around us does.

I don’t have a strong opinion here.. I’m just asking for your help understanding this positive/negative rights thing.

> No, I mean literal violence, as in the police coming to my house and handcuffing me so they can remove the hard drive from my server... that’s what you’re advocating isn’t it?

No, no one is advocating that. I'm not, b5 wasn't - at least not in any way that could reasonably be inferred from their comment - proponents of the right to be forgotten aren't, and because it's a concept of civil law, rather than criminal law, nowhere in the GDPR is any reference made to anything resembling "literal violence, as in the police coming to my house and handcuffing me so they can remove the hard drive from my server."

The "right to be forgotten" is just the right of ownership over one's identity and over the data one provides to businesses. That's it - no violence, no mind control, no gestapo breaking down your door and confiscating your hard drive, no "literal violence", no dystopian nightmare.

If you don't agree that such a right should exist, fair enough - but you've pushed the premise to an absurd extreme and constructed a strawman version of it here. Any right or law, when taken to extremes, because extremist - that's tautological, but arguments from absurdity on that basis are also far from compelling.

"if I do something when I am a child, I have a right to use physical violence to stop people from telling stories about it later."

Well you have taken a very reasonable argument, removed all context, and taken it to the most illogical extreme you could.

The argument is that for all of human evolution we have been able to try, fail and learn in small societies which forget, now we have to do it in a large society that doesn't forget.

If we fail society will remind us of our failure by mocking us, this is a natural thing, and good for us, it encourages us to learn from our failures. Once we learn and correct the failure society and ourselves move on and forget.

If we can't forget we can't move on, instead of trying new things we over think our past failures. You can't change the past or learn anything new from the failure and so just live in regret and get depressed.

A society full of depressed people that wallow in regret is not good, check out the statistics of male suicide if you want to see just how self destructive such a society is.

The internet is a world wide society that never forgets. If you make a mistake instead of your society of friends and family taking the micky, you have the entire world mocking you.

Many of the people mocking you are depressed and filled with regrets, they are not worried about things getting out of hand, in fact they want it they want other people to feel their regret so the mocking quickly escalates beyond healthy mocking.

Maybe you are made of tougher stuff, maybe you can elevate yourself above all the criticism, but most people in a society can't.

Its not about morality, the right to fail, learn and move on is necessary property of a functioning society.

Even today, there's still an ongoing rot of most online content--especially that not connected to a True Name. It isn't truly lost or anonymized but it gets pretty hard to mine over time.

That said, I'm glad that nothing of mine pre-college is online and everything from school that is still public went through an editor. No photos of me doing anything remotely scandalous. Even everything from BBS days is likely gone though there was nothing too exciting even there.

Well, one never knows. From one of my IVPN articles:

Sabu’s downfall clearly illustrates the roles of intentionality, trust and time. Sabu (Hector Xavier Monsegur) was born in 1983, and started hacking in his early teens.[0] He reportedly hung out on EFnet IRC chat servers. Like most n00bs, he was careless. At least once, he apparently made the mistake of logging in without obscuring his ISP-assigned IP address.[1] And someone, perhaps the admin, was retaining chat logs.[2] That’s to be expected. But based on those logs, they could link his various IRC nicknames, over time.

Years later, Sabu became famous through LulzSec. I gather that he was playing elite hacker to a crowd of script kiddies. That apparently offended some of his old EFnet associates.[3] Plus the fact that LulzSec was causing trouble for them, professionally. And so they considered him a jerk, and eventually doxxed him.

0) http://kernelmag.dailydot.com/issue-sections/headline-story/...

1) https://www.theregister.co.uk/2012/03/07/lulzsec_takedown_an...

2) https://sites.google.com/site/avalonlogsefnet/

3) https://arstechnica.com/tech-policy/2012/03/doxed-how-sabu-w...

Nobody will be nice, ever. Get it. All is sold.

Stop sharing info now. Go underground. Recently lost job application, bank loan, girl on dating site, citizenship, restaurant booking? Thank me in 10 years.

Someone asks you for date of birth. Give fake one. 'Security questions' - Where you were born - fake one - London, UK. Mobile phone, gender, address, zip codes - fake ones. Use password managers to remember fake answers.

Only government services might need real data.

And any companies posting things to you.

> 'Security questions'

Not only should you do this for privacy, but also security. It's quite simple to get the answers to some of the questions websites will ask you..

Switching to random strings saved by a password manager (in a different file, with a different master key preferably), or written down on paper and stored securely is probably the best way to handle this

> "Deleting stuff is just useless. It’s already [been] there. Perhaps the person looking for you copied the information. So it becomes a game of total misdirection: you have to keep the predator busy.”

This technique applies much more widely than personal privacy. It's exactly how propagandists/trolls work: Keep the seekers of truth busy. In the case of propaganda, the roles are reversed, of course; the seekers are the good guys, but the trolls' method is the same.

HN is particularly susceptible to it. Its method for dealing with bad information is that honest users will correct it with good information - the old, generally good idea that the answer to bad speech is more speech. Unfortunately, that's exactly what the trolls want, to keep the seekers of truth busy and not addressing the real issues. And the contest is highly asymmetrical: anyone can post a falsehood in seconds; it can take hours or more for the honest person to find the truth of it. The HN approach assumes a pact of good faith; propagandists take advantage of that pact. HN also forbids calling someone a troll, so the guidelines create for them, in a way, a safe, protected playground. I haven't looked at the front page discussion about Chinese foreign policy today, but I bet I know what I'll find.

The solutions aren't easy; this technique wasn't invented by social media end users, but long before the Internet by intelligence professionals.

> HN is particularly susceptible to it. Its method for dealing with bad information is that honest users will correct it with good information - the old, generally good idea that the answer to bad speech is more speech.

But remember with HN that "truth" is groupthink. There are many topics you cannot discuss here, even rationally. You will be punished with -1's, rate limiting, flagged/killed, shadowbanning, or other tools only those with more points (Read: positive groupthink) have.

I came to HN for the hard discussion about technology. I find that unless I agree with the elites in Silicon Valley, that my opinions and facts are not wanted or cared about.

And regarding the "the old, generally good idea that the answer to bad speech is more speech."....

You're commenting too fast. Slow down. (In other words, shut the fuck up and go away.)

> HN that "truth" is groupthink

Not in my experience. I mean, people are people everywhere, but IMHO HN is exceptional is this regard; I see less of it here than almost anywhere else.

> unless I agree with the elites in Silicon Valley, that my opinions and facts are not wanted or cared about.

The phrase "elites in Silicon Valley" conveys a lot. It throws some (unknown) individuals into a group, characterizes them all as just a stereotype, pigeon-holes them all into being representatives of it, and accuses them in the next sentence of abusing this role that someone else put them in. Personally, I don't know who the phrase refers to; I find that the responses I get here rely much more on the soundness of my fact, reasoning, and expertise than on premeditated opinion, and the quality of my communication.

> You're commenting too fast. Slow down. (In other words, shut the fuck up and go away.)

That's produced by an algorithm; I wouldn't take it personally.

> Not in my experience. I mean, people are people everywhere, but IMHO HN is exceptional is this regard; I see less of it here than almost anywhere else.

As an experiment, go to some relevant thread and courteously imply you don't share the belief that Rust is the greatest invention since penicillin.

Then watch what happens to your karma.

That depends a lot on how you present that argument.

Just googled myself for the first time in years. I was surprised how little information about me exists. It took until page 5 for a reference to me rather than other people with the same name and that was in relation to a limited company I us to have when I was a contractor. I only appear again 8 pages later.

I've removed myself from all social media since the start of this year and am in the process of de-googling myself.

So I'm pretty well hidden it seems. Still have some work to do but so far so good.

"So I'm pretty well hidden it seems."

Don't you believe it.The public facing side is the free crumbs. The good stuff is sequestered and for sale to "authorized" 3rds. It seems to me like the web has become an analogue of a "dark age", massive amounts of knowledge is hidden from most in a blinding white noise, while the few who pay can have as much as they can afford.

I'm fortunate in that I don't come up in the first 10 or so pages if you google my name. I've never gone deeper than that. It's a combination of a pretty generic name and an early, almost accidental, decision not to use my full name on any social network -- mostly I'll just use my first. I didn't really plan it, but I'm glad I accidentally ended up ungoogleable.

My entire set of real names is basically a string of generic names. They also happen to conflict with a famous sports ball player and another professional. Finding me on the internet is difficult.

Even after you leaked that info?

Yes. I even go to the lengths to seed my online identity with other names to add confusion to anyone looking me up.

I just did the same. Linkedin came up, and then fantastically 192.com lists my previous addresses along with previous occupants. This includes an ex, three people I shared university accommodation with, and fantastically my parents names: including my mother who kept her maiden name.

All those were done before I really understood opt-out on the electoral register, and my parents registered me without telling me. And I have no way of removing the information, despite the fact that mother's maiden name is still bizarrely used as a security question.

In my experience, searching for any English/American (or Russian) name turns up at least a dozen people with the same first and last names. If a name is extra generic like John Smith, I don't even bother searching because the task is like looking for a needle in a haystack. Although, people with an Anglo name do usually have middle names :) Maybe everyone should take up a generic name to disappear on the internet?

Yes, but you should not assume that the person who searches won't specify additional terms. For example "first_name last_name" yields different results than "first_name second_name third_name fourth_name last_name" or "first_name last_name city". It all depends on how eager the person is to find information about you, and how clever they are with search engine usage. You cannot test all the parameters!

I’m pretty much unique in spite of not having an obviously unusual name. Sufficiently mixed countries I guess.

The thing that seems vaguely scary is having a fairly unusual name that’s shared by someone notorious who is plausibly you. I knew someone who shared a name with someone else who lived in NYC and was the object of considerable local hatred. The gut I knew literally got death threats on his phone.

Take it from an English / American that there are plenty of names of ours that, while reasonably rare, have only one person for hits. :)

Best option: inject noise; i.e. create a hundred different copies of yourself, each with different hobbies and lifestyle. Perhaps you could even pay someone to do it.

This likely won't work for long. Detecting fake profiles seems like a solvable problem with ML.

They don't need to be 100% fake. I can imagine that many automatically generated "profiles" that contain a grain of truth may be enough to poison the data well.

Maybe use ML to generate the right type of noise?

Great sci-fi in there, No?

Long after the humans were gone, the 2 ai's duked it out as one tried to invent credible "people" and the other tried to detect them. Finally they became so locked in the battle, they became like one bicameral mind imagining a world of "people" to itself until one fine morning they said to themselves "let there be light" and found it good...

Starring Goodfellow et al https://arxiv.org/abs/1406.2661

This would make for a cool open source project. Create a custom client for your favorite AdTech company, which injects real-looking noise into the data, blocks the resulting ads, and provide a decent interface to the content you actually need.

If somebody wants to get started on this, I'd be happy to build the front-end. (email is in my profile)

Yes, but you would need to know when it succeeds and when it fails - how else can you train it? Solve this, and it's plausible.

There's an interesting idea here though, also solvable with software/ML: Some kind of social network aggregation/multiplexing layer, which automatically segments your online/social network activity across different profiles, providing some isolation between work, hobbies, family, different groups of friends, etc... There are already bits and pieces that accomplish this to some degree: sandbox tabs, VPNs, and yes fake profiles...

Then simply adjust the profile until the ML says it's not fake.

Depends entirely on how much work you put into the fake profiles.

One cannot disappear but one can blur. Blurring strongly enough is synonymous with disappearing (will work as long as one is not famous/public person).

Ad nauseum

It's spelled Ad Nauseam and you shouldn't throw a commonly used Latin term around without specifying you're actually talking about an extension[0].

[0] - https://adnauseam.io/

take a breath man

It's a great idea and I know people who are working on this.

Maybe this service already exists...

A web service with VPN interface that instantiates a from-scratch account on log in and then deletes it when you log off. Do all your browsing this way. If you actually want to buy something, your credit card information stays with the service as a middle-man and it makes the payment via it's own banking interface and keeps a small fee for protecting your privacy.

Many facets not contemplated in that paragraph, but maybe you get the general idea.

Is there such a service yet? 'Anonymous' access to the Internet and still have the useful bits available?

you could roll your own with a VPN and privacy.com

The examples in the article are mostly people who want to disappear in meatspace. Not specifically on the Internet. That's hard, unless you totally drop out of modern society. Or have resources to create shell corporations.

Disappearing on the Internet, however, is pretty easy. Just delete all of your old accounts. Email, social media, everything. You can check periodically for traces, as long as you use Tor. Or better, Tor accessed through a VPN, or through nested VPN chains.

But really, even that is usually not necessary. Just compartmentalize. For anything that you wouldn't share freely with the police, potential employers, your family or whatever, use a persona. Indeed, have multiple personas. Each one should be isolated from others. Different VMs, or perhaps different hardware. Different LAN. Different path to the Internet.

2012-2020 will be named 'Data theft years' in future Wikipedia article 'Web Dark Ages'

Depends who is controlling (or trolling) wikipedia. https://news.ycombinator.com/item?id=17109290

I'm reminded of the long-form Wired article, "Writer Evan Ratliff Tried to Vanish: Here’s What Happened" (Ratliff 2009).

  "Along the way they’d also proven my privacy to be a
  modern fiction. It turns out that people — ordinary 
  people — really can gather an incredible dossier of facts
  about you."
It turns out the public's short attention span has it's benefits,

  "But a month later, life was back to normal and no one 
  was taking any interest."
[1] https://www.wired.com/2009/11/ff_vanish2/

reminded of brunner's classic "the shockwave rider" [https://en.wikipedia.org/wiki/The_Shockwave_Rider]

if you are at all a science fiction fan and you've not read brunner, i would strongly recommend his "big four" books at least - "stand on zanzibar", "the shockwave rider", "the jagged orbit" and "the sheep look up". he has a startlingly prescient vision of the kinds of dystopias we could be headed for.

Thank you for this. For me, one of the best things about HN are the book and movie recommendations that occasionally appear in Comments. The likelihood I'll enjoy said titles is higher than that of recommendations from any other source, online or in print.

It's really easy to get your Facebook account permanent and irrevocably deleted :

just start spamming some links on public pages. after you do this a dozen times, Facebook will disable or shadow-ban your account , rendering it completely invisible for everyone but you, esp if you do it really quickly and the links are obvious spam

If I am still able to see it afterwards, I think we have different definitions of "permanent and irrevocably deleted".

How does your account being shadowbanned or disabled matter if Facebook themselves still has your complete account, and will readily sell access to aggregated info which includes all information associated with your account?

Protip:before you start, make sure to change your name to nudeCelebsForFree.

I can't check, but does FB even allow name changes anymore?

they did a few months ago when I changed mine away from my real name

This sounds too easy, so I'm gonna have to ask: does that actually work? Have you done this?

Sometime back, I registered a few domains with Gandi. Now, when I google my email, two of these domains are returned complete with my personal details from a site called cutestat. Anyone knows what a non Europe based person can do to have that information deleted?

After the 25th, send them a polite email saying you're a European resident, and you would like your personal data erased. Or if they have a contact form, visit their site from a European VPN, and submit a support request. If they question it, because your personal information says you live in the US, just say you relocated to Germany a few years ago, or you're dual citizenship with a European spouse. It's likely not worth their time to argue and risk a potential complaint.

Great perspective, I see.

You can not really delete this info: there are multiple "whois history" sites out there, and if you manage to persuade each one to remove old info, it would still be stored in numerous dumps one can find on closed forums or torrents.

Source: I myself have my (now outdated) phone number and home address attached to several domains...

How was this question not flagged as unrelated to information security? The main problem with stackexchange (aside from closing your questions) is not knowing how they will interpret their own rules.

That's because flagging and rule application is not centralized. Once you have a certain number of points from helping others, you get the right to flag questions. Not everybody does is correctly right away. But over time and on average, its a pretty good system. Better than having mods that may ego trip or follow some personal agenda. Also, if a good question gets closed, other users can flag it to be re-opened.

This kind of surprised me: "This question was featured as an Information Security Question of the Week.

Read the Jan 27, 2014 blog entry for more details or submit your own Question of the Week."

I feel a similar question on stackoverflow would quickly have been flagged as not constructive or something.

What about making personal information owned by that person and adding a UK-style Data Protection Act to allow people to demand their data from you and correct or delete it if it's wrong?

If it's in the public interest for the government to bring criminal charges against copyright violators, it's in the public interest to do the same for people who copy personal information without consent.

Data brokers make this nearly impossible. They just horde public record so you can't really do much to stop it.

Good luck with that, you might do it in a rural area but then you are the nutter hermit guy everyone talks about.

# What if we had an Advertising ID API in the browser?

With an Advertising ID I could be in charge of the things I want tracked about myself, an opt in participation, not only a generic yes or no, instead, a detailed approach on tracking.

If I had an advertising ID that the browser allows me to manage, and which would be common across all browsers, there would be definitely no need to have that much effort thrown away at identifying Internet users with all kinds of trickery.

1. I just provide this advertising ID to all advertisers by default. 2. Then I choose what I want tracked. THE BROWSER then tracks said items in an anonymous mode, transmitting non identifiable information only (such as product names, SKUs, Page contents, even links but say in a screwed up order). 3. Then I can ban advertisers or networks that show me crap. One by one.

It would be a shared effort.

The user will do some work, but they will have the tools required for the work. The banning and defaults will be scriptable and people could solve 80% of the problems with easy scripted actions (via browser extensions and such). Advertisers will have to work with anonymous details, but they will be able to precisely target people, after they solve the math involved with working with irregular data sets.

Advertising is the financial engine of the Internet and all this rage against it won’t make it disappear or behave nicely. Browser vendors need to work together and they need to do so in the same way they did it for so long: to implement open web specifications.

Advertising is just another kind of technology that the browser needs to support!

Advertising ID would be a solid base for all the freemium content to have the legitimacy required to block users who don’t provide a way in for advertisers. Once we get technology that is as safe as the Internet overall is, we can then teach people how to use it, and shut out sociopathic behaviour of money crazed folk to the obscure corners of forsaken random domain names.

The Better Ads Standards is just talk. We need tech that supports it and it should be a browser implementation of an open standard with an Advertising ID API. People will flock to the best support of a good standard. Everybody wins and competition stays healthy.

It is illogical to rip off the internet of it’s best lucrative asset: the capacity to target advertising with great precision. It is dangerous that for the same reason should the Internet become the looking glass of Big Brother. And the tech to stop this from happening, while maintaining money flow for Internet growth is easily achievable.

Do you thing an Advertising Standard with an Advertising ID API would make the Internet better?

>This year it was revealed that in 2004, [...] Mark Zuckerberg, sent an instant message [...]

>“People just submitted it,” Zuckerberg wrote. “I don’t know why. They ‘trust me’.”

>“Dumb fucks,” he added, after a pause.

That was revealed much earlier than "this year". Here's an article from 2010:


> "Just until I could raise the funds to pay back my investors."

Charles Ponzi would be proud

Would make a great TV series :)

Imposters comes close

Black Mirror :)


google frightens me most. Your kids share their assignments to it, your company uses it for all comms, you use it for private messages, you tell it your secret desires via searches, it knows who you're with at any point of time with android location ... Google Home? My home?

SkyNet must be destroyed now.

Half through the article, but boy, it looks cool :D

1) Compartmentalize - awful word, meaning new skin (virtual Id). Better call it Id separation. U must use new

1.1) Make new Id with new names, nicks, adresses, countries, stories

1.2) Buy new devices (MAC adresses) paying cash. Best to use separate MacBook / iPad / iPhone. Apple security beats Windows and Android flat.

Scanning WiFi access point traffic shows all connected devices by MAC. Your device pings available WiFis revealing the MAC.

1.3) locations / networks (locations by IP). Always use VPN in always-on mode (DNS leaks). Different VPN provider for every device (and Id), paying BitCoin or 3rd-party deals via PayPal. Same device on a different network can be tracked via browser (browser fingerprinting). So, separate devices.

Install uBlock Origin in advanced/medium mode to every browser and use Private browsing tabs only (tracking cookies).

1.4) New Id's social profiles (FB and rest). Takes effort, get pictures from google images, and so on. Good profile will be 6 months old at least. Buy friends.

Classical error - logging in as Id1 from device/network(by location) assigned to Id2.

2) ...

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact